Skip to content

Commit f9aeb9e

Browse files
ndosschendossche
committed
phar: Reduce code duplication wrt error handling in phar_parse_zipfile()
The PHAR_ZIP_FAIL and PHAR_ZIP_FAIL_FREE macros are almost the same. The reason the latter exists is because of a single error path where the error message is on the heap and needs to be freed. Instead, use a stack allocated variable for the error message so we can get rid of the duplicate macro code. This stack variable is big enough as the messages written by phar_verify_signature() are short. Closes GH-20144.
1 parent 416386a commit f9aeb9e

File tree

1 file changed

+4
-27
lines changed

1 file changed

+4
-27
lines changed

ext/phar/zip.c

Lines changed: 4 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -313,28 +313,6 @@ int phar_parse_zipfile(php_stream *fp, char *fname, size_t fname_len, char *alia
313313
entry.is_zip = 1;
314314
entry.fp_type = PHAR_FP;
315315
entry.is_persistent = mydata->is_persistent;
316-
#define PHAR_ZIP_FAIL_FREE(errmsg, save) \
317-
zend_hash_destroy(&mydata->manifest); \
318-
HT_INVALIDATE(&mydata->manifest); \
319-
zend_hash_destroy(&mydata->mounted_dirs); \
320-
HT_INVALIDATE(&mydata->mounted_dirs); \
321-
zend_hash_destroy(&mydata->virtual_dirs); \
322-
HT_INVALIDATE(&mydata->virtual_dirs); \
323-
php_stream_close(fp); \
324-
phar_metadata_tracker_free(&mydata->metadata_tracker, mydata->is_persistent); \
325-
if (mydata->signature) { \
326-
efree(mydata->signature); \
327-
} \
328-
if (error) { \
329-
spprintf(error, 4096, "phar error: %s in zip-based phar \"%s\"", errmsg, mydata->fname); \
330-
} \
331-
pefree(mydata->fname, mydata->is_persistent); \
332-
if (mydata->alias) { \
333-
pefree(mydata->alias, mydata->is_persistent); \
334-
} \
335-
pefree(mydata, mydata->is_persistent); \
336-
efree(save); \
337-
return FAILURE;
338316
#define PHAR_ZIP_FAIL(errmsg) \
339317
zend_hash_destroy(&mydata->manifest); \
340318
HT_INVALIDATE(&mydata->manifest); \
@@ -489,14 +467,13 @@ int phar_parse_zipfile(php_stream *fp, char *fname, size_t fname_len, char *alia
489467
mydata->sig_flags = PHAR_GET_32(sig);
490468
if (FAILURE == phar_verify_signature(sigfile, php_stream_tell(sigfile), mydata->sig_flags, sig + 8, entry.uncompressed_filesize - 8, fname, &mydata->signature, &sig_len, error)) {
491469
efree(sig);
470+
php_stream_close(sigfile);
492471
if (error) {
493-
char *save;
494-
php_stream_close(sigfile);
495-
spprintf(&save, 4096, "signature cannot be verified: %s", *error);
472+
char errmsg[128];
473+
snprintf(errmsg, sizeof(errmsg), "signature cannot be verified: %s", *error);
496474
efree(*error);
497-
PHAR_ZIP_FAIL_FREE(save, save);
475+
PHAR_ZIP_FAIL(errmsg);
498476
} else {
499-
php_stream_close(sigfile);
500477
PHAR_ZIP_FAIL("signature cannot be verified");
501478
}
502479
}

0 commit comments

Comments
 (0)